On-prem Deployment Guidelines for Web Application Scanning

You can deploy Tenable.io Web Application Scanning on-prem using one or more Tenable Core for Web Application Scanning scanners located at your network edge or inside your firewall, depending on your scanning objectives.

Configure external scanning by placing a scanner at your network edge. External scanning allows you to scan through open ports in your firewall and see your web applications from the perspective of an attacker.

For more information about port access requirements in Tenable.io on-prem, see Port Requirements.